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REMARKS 

By this amendment, claims 1-21 are pending, in which claims 1 and 21 are currently 
amended. The amendment to claims 1 and 21 reduces issues for appeal by introducing subject 
matter previously searched and considered in claims 9 and 16. Thus, entry of this amendment 
after final is proper. 

The final Office Action mailed December 15, 2004 rejected claims 1-21 as obvious under 
35 U.S.C. § 103 based on Liu (US 6,079,020) in view of Tabata (US 2001/0016914). This 
rejection is respectfully traversed because Liu and Tabata, individually or in combination, fail to 
teach the features of the claims. 

For example, independent claim 9, which is not amended, recites: 

one or more egress boundary routers having connections to the access 
network, wherein said one or more egress boundary routers transmit intra- 
VPN traffic toward the destination host via the first logical connection and 
transmit extra- VPN traffic toward the destination host via the second 
logical connection; and 

This feature is not shown in Liu and Tabata. For example, Liu is directed to a method 
and apparatus for managing a virtual private network over a public data network (Abstract). 
Referring to FIG. 3 and accompanying text on col. 8:11-39, an inbound packet is received from 
the Internet (step 310) and the source and the destination addresses are checked to determine if 
they belong to the same VPN group (step 320). If they do not belong to the same VPN group, 
then "the packet is forwarded to the receiving site as though it were normal Internet data traffic at 
state 330" (col. 8:22-25). On the other hand, if they do belong to the same VPN group, then the 
packet is reconstituted (as by decryption, etc., in step 340) and "the reconstructed packet will be 
delivered to the site of the destination address at state 360" (col. 8:37-39). 
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Liu does not provide any details, however, about how either the received packet or the 
reconstructed packet is transmitted to the site of the destination address, much less whether "one 
or more egress boundary routers transmit intra- VPN traffic toward the destination host via the 
first logical connection and transmit extra- VPN traffic toward the destination host via the 
second logical connection" as recited in independent claim 9. In fact, Liu merely describes the 
differential treatment of incoming traffic in terms of manipulating packets, not in terms of using 
logical connections. As a result, the Office Action is correct to recognize on p. 7 that "Liu does 
not disclose" the recited one or more egress boundary routers. 

Tabata also does not disclose the recited one or more egress boundary routers. Rather, 
Tabata is mainly concerned with transmitting packets between separate edge nodes 2, with 
almost no discussion of how packets are transmitted from edge node 2 to end user 1. In fact, 
what little discussion Tabata has about this aspect teaches against the features recited in claim 9. 

More specifically, Tabata describes an IP virtual private network in which an edge node 
"receives an IP packet transmitted from a user [and] adds thereto information including an 
external IP header and an IP virtual private network identifier" (Abstract). Tabata further 
discloses that the "edge node is assigned a plurality of different IP addresses in accordance with 
quality (required bandwidth) of an in-network packet" (Abstract). This processing of packets 
occurs strictly between edge nodes, however. For example, f 0054 of Tabata states (emphasis 
added): 

As described above, the ingress edge node receives a packet from end user 
1 to transfer it to backbone network 3 after it adds in-network additional 
information thereto, while the egress edge node receives an in-network packet 
from backbone network 3 to transfer it to end user 3 after it deletes in-network 
additional information therefrom. FIG. 5 shows a configuration for realizing both 
functions of the ingress edge node and egress edge node. 
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Thus, Tabata not only fails to disclose that its egress edge nodes "transmit intra- VPN 
traffic toward the destination host via the first logical connection and transmit extra- VPN 
traffic toward the destination host via the second logical connection" as recited in claim 9 but 
Tabata discloses that the additional information is deleted, making any differential treatment of 
traffic from the egress edge node more difficult, if not impossible. 

The portions of Tabata cited in the Office Action, p. 8, with regard to independent claim 
9 do not support the rejection. For example, though f 46 discloses "an egress edge node (not 
shown) for receiving in-network packets from backbone network 3 to transfer them to end users 
1," this paragraph provides no details about doing so via first and second logical connections. 
Paragraph 69 discusses "ingress transfer control information" and therefore lacks relevance to the 
claimed feature, and f 89' s discussion of transferring "in-network packets to switch 63 in order 
of precedence class" also fails to be relevant to the claimed "egress boundary routers." 

The Office Action's response to arguments also do not support the rejection. For 
example, the contention that "Liu teach that there is a clear distinction to be made between intra- 
VPN and extra- VPN traffic (col. 7, lines 30-40)" is only pertinent for "an outbound data packet" 
(col. 7:20-21) that is "forwarded to the Internet (7:33), not "toward the destination host" as 
recited in claim 9. Furthermore, the assertion that "[i]t is also well known in the art and 
implicitly understood that IP-enabled devices are able to send traffic among multiple separate 
logical ports, which can be construed to be logical connections under the broadest definition of 
the term" lacks a factual basis in the record. The Administrative Procedures Act requires the 
Patent Office to articulate and place on the record the "common knowledge" used to negate 
patentability. In re Sang Su Lee, No. 00-1158 (Fed. Cir., Jan. 18, 2002); In re Zurko, No. 96- 
1285 (Fed. Cir., Aug. 2, 2001). Even if a reference disclosing what is asserted to be well-known 
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could be found, the record must still contain some suggestion to motivate a person of skill to 
modify Liu or Tabata in the specific manner as recited in claim 9, but this would be hard to do. 
Liu deals with merely reconstructing packets belonging to the same VPN group in incoming 
traffic, and Tabata junks any in-network additional information at the egress node. 

Originally presented independent claim 16 is patentable over Liu and Tabata, because 
neither reference teaches or otherwise suggests the recited feature of "transmitting intra- VPN 
traffic from said one or more egress boundary routers toward the destination host via the 
first logical connection, and transmitting extra- VPN traffic from said one or more egress 
boundary routers toward the destination host via the second logical connection." As evident 
from the above discussion, neither Liu nor Tabata is particularly concerned about the 
transmission details between from an egress boundary router toward a destination host. 

To reduce issues for appeal, independent claim 21 has been amended to include 
"transmitting the intra- VPN traffic from one or more egress boundary routers toward the 
destination host via a first logical connection, and transmitting extra- VPN traffic from said one 
or more egress boundary routers toward the destination host via a second logical connection." 
For the foregoing reasons, neither Liu nor Tabata teaches or otherwise suggests this feature. 

Also reducing issues for appeal, independent claim 1 recites a feature both Liu and 
Tabata lack: "one or more egress boundary routers having connections to an access network 
including the access link, wherein said one or more egress boundary routers transmit intra- VPN 
traffic toward the destination host from sources within the VPN and extra- VPN traffic toward the 
destination host from sources outside the VPN within separate access network logical 
connections for intra- VPN and extra- VPN traffic , respectively ." 
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Dependent claims 2-8, 10-15, and 17-20 are allowable for at least the same reasons as 
their independent claims and are separately patentable on their merits. Thus, all claims are 
allowable over the applied art of record. 

Therefore, the present application, as amended, overcomes the rejections of record and is 
in condition for allowance. Favorable consideration is respectfully requested. If any unresolved 
issues remain, it is respectfully requested that the Examiner telephone the undersigned attorney at 
703-425-8516 so that such issues may be resolved as expeditiously as possible. 
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Respectfully Submitted, 
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